Relying Solely on Segmented Infrastructure and SCADA Systems can Lead to Unmonitored Risk. Find the Trouble Spots with GDF's Improved E-DEFENSE Solutions

Share Article

When it comes to critical digital assets, physically segmenting systems can offer increased protection from unwanted intruders, but may not be enough in this ever advancing age of cyber warfare, hacktivism and Advanced Persistent Threats (APTs). Global Digital Forensics has recently updated its E-DEFENSE offerings to include a crucial social engineering testing component as part of a full penetration test and digital threat assessment to help expose the weak links, even in segmented systems often thought to be “completely secure.”

Before, during and after an attack have to all be considered to effectively strengthen an organization’s cyber security posture.

New York, NY (PRWEB)December 06, 2012

Banks, hospitals, high-tech design companies, universities and any other entity perceived to have something of high digital “street value” are all accustomed to being high on hackers’ to-do lists these days. As the digital firewalls to keep intruders continually get harder and harder to erect due to the fluid barrage of new threat vectors popping up seemingly everywhere, just walling off critical digital assets from the outside world is often seen as a very logical and impenetrable means of defense. Global Digital Forensics has been helping clients effectively strengthen their cyber security posture for years, and in response to the growing cyber security needs of critical national infrastructure assets, and businesses alike, GDF’s E-DEFENSE solutions have recently been upgraded to include testing specifically designed to highlight cyber threat weaknesses, even in segmented systems often mistakenly and dangerously thought to be impervious to outside attacks.

Joe Caruso, founder and CEO/CTO of Global Digital Forensics, explains it like this. “The holy grail of cyber security has always been perfect security, but unfortunately, achieving perfect cyber security ultimately proves just as elusive as finding the actual holy grail. But that doesn’t mean the quest should be abandoned, because every step made in that direction can be the precise step that thwarts the next cyber attack which would have been experienced otherwise. For a long time, the easy answer was simply thought to be creating “air-gaps,” or a physical separation between the outside world and critical systems. After all, if you’re not “plugged in,” how can you be reached by intruders? Well, ask the Iranians and their air-gapped nuclear centrifuge systems, which were successfully breached by the now famous Stuxnet virus, how impenetrable that approach was.”

“But I think the most dangerous part of relying solely on air-gaps is the false sense of security I often see when we go onsite to do a comprehensive penetration test, which is effectively trying to hack a system just like real-world outsiders would to expose weaknesses. Once the air-gaps are in place, all eyes seem to shift to the perimeter defenses on outward facing systems and they fall asleep at the wheel internally. But there are always ways in and weaknesses must continuously be assessed, identified and remediated. Because think about it, how terrible would it be to have an otherwise secure system compromised by something as simple as dropping a USB drive preloaded with malware in the smoker’s area and having human curiosity be the instrument of delivery. We do things like that when we test for weaknesses. So strengthening cyber security doesn’t necessarily have to be expensive hardware or software based solutions, it can often come in the form of creating or updating security policy to keep everyone informed, trained and alert.

“Before, during and after an attack have to all be considered to effectively strengthen an organization’s cyber security posture. After doing a comprehensive pen test to assess a client’s unique threat vectors, our proactive breach prevention solutions can then afford companies of all sizes the ability to take a proactive approach in dealing with potential data breaches, greatly increasing the chances breaches will be prevented before they occur by having highly skilled and experienced professionals design a tailor-made cyber security plan plan, draft internal policy, ensure regulatory compliance and put everything businesses need in place for an affordable fixed cost. And in the event cyber intruders do manage a successful breach, our emergency incident response teams, comprised of top-notch, certified computer forensic specialists, can respond in a matter of hours, not days or weeks, to identify how and when the breach occurred, immediately take steps to contain the damage and make the financial aftermath as painless as humanly possible. That’s what our E-DEFENSE program is all about. We are not about bleeding a customer dry with overkill solutions, it’s our mission to make our client’s cyber assets as secure as possible while still keeping an eye on their all important bottom line. It’s all about getting the best return on their investment in cyber security, whatever the budget may be.”

To speak with a certified cyber security specialist about tailoring a customized plan to meet your unique needs, call 1-800-868-8189. In the event you are currently experiencing a cyber intrusion, data breach, DDoS attack or a virus/malware attack, call immediately. GDF’s has emergency incident response teams standing by 24/7.

*Global Digital Forensics is a recognized leader providing cutting edge solutions in the fields of computer forensics, ediscovery and intrusion incident response services. With offices in 16 US states and 30 offices around the world, our global reach is supremely positioned to react quickly and efficiently with a staff of highly qualified and experienced specialists. Many Fortune 500 companies have trusted GDF with their most sensitive situations. GDF has the technology, skill and experience to ensure any data breach or intrusion incidents, computer forensics tasks and/or eDiscovery needs are handled in a highly cost effective manner, while always ensuring exceptional results. For more information on E-DEFENSE, visit our website at http://www.evestigate.com